formats

Welcome to News & Events

Published on December 20, 2011, by in Industry News.

Welcome to The Fraud Practice’s FraudBlog; your source for updates on current events, commentary and best practices related to the eCommerce CNP payments and fraud industry.

Be sure to signup to see all of our content to include our free monthly FraudBlog Newsletter.

 
formats

The Fraud Practice and CardinalCommerce Release Results from the 2nd Annual Consumer Authentication Survey

The Use of Consumer Authentication in eCommerce white paper from The Fraud Practice and CardinalCommerce details the results and key findings from the second annual Consumer Authentication Survey highlighting trends and changes in the use and perception of these programs in just one year’s time. The Consumer Authentication survey and report white paper is now available and The Fraud Practice and CardinalCommerce will host a webinar in April to further discuss the survey results.

Now in its second year, the Consumer Authentication Survey once again collected industry perspectives regarding the market sentiment, use and implementation of Consumer Authentication programs such as Verified by Visa and MasterCard SecureCode. After setting the baseline with the inaugural Consumer Authentication Survey, the second annual edition provides insight on who is using Consumer Authentication today, how they are using it, what the industry thinks of this technique and why, as well as what has changed in the past year.

Download the Use of Consumer Authentication in eCommerce, Annual Report 2015

Read the full Press Release

 
formats

With Custom Modeling, Deployment is Just as Critical as Design

Whether an organization is building a custom modeling solution in-house, using a service provider or combining both in-house and third party resources, the fundamental components of an effective custom modeling solution are the same. Statistical models must first be created, which requires historical data, a team of modeling experts, as well as the right tools and software to design effective models. Next, the organization will need the infrastructure or platform to actually apply this model to live transactions, interpret the results and route the transactions accordingly. A commonly observed problem in the market, however, is that organizations put forth such great effort in ensuring the statistical models are accurate predictors of risk that the next step, how these models are actually deployed, is often overlooked or just an afterthought.

This isn’t to say that model design is not a critical step. What’s the good in efficiently deploying custom models if they are not effective at distinguishing fraudulent from legitimate transactions? But organizations must also consider the other side of the coin: even if a custom model was accurate at predicting fraud most all of the time, it is of no benefit unless it can be applied to transactions, meaning the transactional and customer data can be fed to the models and the results can be interpreted to decide the course of action for each order.

Deployment is the second major step in executing custom models after model design, but is at least equally as important of a step.

Read More

 
formats

Target Reports Cost of Data Breach was $162 Million

The late 2013 data breach impacting 70 million Target customers continues to cost the company which in their latest financial statements reported $4 million in related expenses for Q4 2014. The total loss to Target for 2013 and 2014 related to the data breach was $162 million, but would have been even larger if not for the $90 million that was offset by insurance receivables.

While $162 million in losses is substantial it could have been much worse, and the costs associated with the major data breach may continue to accrue. If not for the insurance policy Target would’ve reported a total loss of more than $250 million related to data breach. In late 2014 issuing banks were able to continue with a lawsuit against Target and in early 2015 a federal judge permitted a group of plaintiffs, representing consumers impacted by the breach, to proceed with a class action case which could also lead to high legal and/or settlement fees costing the multi-channel retailer.

Read More

 
formats

Google and Samsung Each Announce Mobile Payment Plans Utilizing Tokenization and Biometric Authentication

Following Apple’s lead Samsung and Google each announced mobile payment services of their own with a similar naming structure. The recently announced Samsung Pay and Android Pay will both make use of fingerprint biometrics to authenticate transactions as well as tokenization, although all three systems have their similarities and differences.

Both organizations announced their planned mobile payment developments at the Mobile World Congress event held in Barcelona. Samsung Pay is expected to launch this summer in South Korea and the United States with a release in Europe planned later. At this stage it is uncertain when Android Pay will be available to the public but it is known that Visa, MasterCard and American Express will support it and there is likely to be more information coming at Google’s annual developer conference in May.

Read More

 
formats

Are the FIDO Alliance Authentication Specifications the Beginning of the End for Passwords?

The FIDO (Fast Identity Online) Alliance released their first documents for stronger authentication at the end of 2014 with version 1.0 of their Universal Authentication Framework (UAF) and Universal 2nd Factor (U2F) specifications. The group of more than 150 member organizations hopes to usher in the post-password era through biometrics, hardware and other forms of authentication, and is continuing to expand on their specifications to incorporate NFC and Bluetooth capabilities.

The FIDO Alliance formed in 2012 and has continued to grow as major financial institutions, payment, hardware, and technology organizations have joined. Board level members include Alibaba Group, Bank of America, Google, Microsoft, Visa, MasterCard and others. The Alliance’s first formal and published specifications outline a new standard for authentication offering “FIDO-enabled authenticators” that any organization, website or application can interface with. The intent is for the specifications to be an open standard rather than patent-restricted authentication processes or protocols as board level organizations Google and Nok Nok Labs each donated intellectual property. FIDO members can freely implement and market solutions around the FIDO-enabled authenticators while non-members can freely deploy these solutions as well.

Read More

 
formats

Google Wallet Partners with and Acquires Softcard’s Technology to Better Odds of Winning Mobile Wallet Wars

While there had been rumors that Google was in talks with Softcard to acquire the mobile network’s joint venture, the two organizations made an official announcement about their newly formed partnership on February 23rd. Under the deal Google will acquire Softcard’s patents and technology while the three major carriers that formed Softcard will now include the Google Wallet app pre-installed on their Android smartphones.

Once rivals, Google Wallet and Softcard now share a common line of reasoning that reflects a famous proverb: “An enemy of my enemy is my friend.” That common enemy is Apple Pay. To combat this enemy, or to at least keep pace with them, Google Wallet and Softcard decided to team up with a quasi-partnership-acquisition deal.

Read More

 
formats

Visa to Expand Token Service used with Apple Pay to Visa Checkout and eCommerce Merchants in 2015

The world’s largest card network commercially debuted their Visa Token Service in October, 2014 coinciding with the launch of Apple Pay. The service provisions issuers with a token that can be used in place of the card’s primary account number. The token is then transmitted to merchants via Apple Pay for processing for both in-store and in-app purchases. In February Visa announced plans to expand their token service beyond use in Apple Pay to all Visa Checkout transactions, as well as for online transactions with larger, participating merchants that are completed when using a Visa card directly.

The implication of this announcement is that many more mobile wallets and payment services may start using VTS in the not-too-distant future. Visa also expects larger eCommerce merchants to deploy VTS and is already in talks with major online merchants to make tokenization updates to stored credit card data.

Read More

 
formats

Increase in Mobile Fraud Outpaces Mobile Transaction Growth

According to a recent study from LexisNexis mobile commerce represents 14 percent of all transactions, but 21 percent of fraudulent transactions are attributed to the mobile channel. Meanwhile the value of fraud losses for mobile channel merchants quickly grew from 0.8 percent of revenue in 2013 to 1.36 percent of revenue in 2014.

According to estimates from Forrester Research, mobile payments will account for $67 billion in U.S. transactions in 2015, up from $52 billion in 2014 and $32 billion in 2013. While mobile transaction volume grew by nearly 63 percent from 2013 to 2014, the value of fraud losses for mobile channel merchants increased by 70 percent, from 80 cents to $1.36 per $100 in revenue, during this same time frame.

Read More

 
formats

Samsung Acquires Mobile Payment Technology Startup LoopPay

Samsung, one of the primary Google Wallet partners, announced in late February that they would acquire mobile contactless payment platform and wallet LoopPay, which uses a proprietary phone case or keychain fob to transmit payment information to traditional point-of-sale payment terminals using patented Magnetic Secure Transmission™ technology. Terms of the acquisition, which has potential to shakeup the mobile wallet market, were not disclosed.

LoopPay, based in the Boston, Massachusetts area, will be a wholly owned subsidiary under Samsung Electronics America while co-founder and CEO Will Graylin will continue to lead the LoopPay organization in addition to becoming a co-GM for Samsung payment solutions.

This acquisition may signal that Samsung is hedging their bets to be part of the future or mobile payments, with or without Google.

Read More

 
formats

Visa Working with Issuers to Expand use of Mobile Geolocating to Verify Card Present Transactions

Visa has partnered with Finsphere, a geospatial analytics company, to provide location information of mobile devices at the time of a card transaction. The card network is now working with card issuers to embed the mobile geolocation features in their mobile banking apps and estimates that 30 percent of wrongly declined transactions can be stopped.

Finsphere jointly launched a service called PinPoint in 2010 along with Location Labs. It was a similar mobile geolocating service to what Visa is looking to implement, although notifications went directly to the cardholder rather than the card issuers. Partnering with Finshpere, Visa plans to offer location tracking to their issuing bank partners in hopes of reducing unnecessary declines when a consumer travels.

 
© The Fraud Practice LLC 2012